Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Many ransomware-wielding attackers continue to hack into organizations via remote desktop protocol. But some Sodinokibi ransomware-as-a-service affiliates have shifted instead to targeting victims via botnets, saying hackers' use of RDP exploits has grown too common.
Sodinokibi/REvil appears to be making millions since it seized the ransomware-as-a-service mantle from GandCrab earlier this year. Security firm McAfee says up to 40 percent of every victim's ransom payment - average: $4,000 - gets remitted to the Sodinokibi actor, with "affiliates" keeping the rest.
Lastminute.com is a worldwide travel company that helps customers in 40 countries search and book travel related products and services. The company operates a portfolio of well-known brands, each with a consumer website in multiple languages and its own security and performance needs. Their total combined traffic...
Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.
The Cyber Security Agency of Singapore has come up with an operational technology and cybersecurity master plan aimed at building a secure and resilience ecosystem to protect critical infrastructure. But will implementation prove feasible?
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
Moving your whole network to the cloud can be intimidating and risky to say the least. That's why organizations are first focusing on campus network transformation.
To modernize your campus network and get started on your multi-cloud journey, download this 2019 buyer's guide to learn:
4 essential campus...
As the number and variety of threats mushroom, an Ovum survey has found that security teams have become physically unable to respond in an appropriate way to the ones that actually matter, with 50% of respondents in India saying they deal with more than 50 alerts each day. Shockingly, for 6% of organizations, that...
Déjà vu basic cybersecurity challenge all over again: With the U.S. government warning that geopolitical tensions could trigger wiper-attack reprisals, security experts review the basic anti-wiper - and anti-ransomware - defenses organizations should already have in place.
Together with President Donald Trump and the EU Copyright Directive, the U.K's Internet Services Providers' Association has nominated Mozilla as one of its three nominees for "internet villain" of the year. Its purported crime has been to advance a more secure version of the domain name system.
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
Digital transformation impacts the way that organizations deal with cybersecurity risk, says Tim Wilkinson of Avast Business, who provides advice on how to place security at the center of the transformation.
As the IT infrastructure evolves and becomes far more complex, security needs to be built in, not bolted on later, says VIjendra Katiyar of Trend Micro.
When you have limited resources and a large attack surface to protect, smart prioritization is crucial. Frameworks like the Center for Internet Security (CIS) Top 20 Critical Security Controls are designed to help you make those difficult decisions, but a framework is only useful if you've got the resources to follow...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.
